git.samba.org - janger/samba-autobuild-v4-20-test/.git/commit

git.samba.org / janger / samba-autobuild-v4-20-test / .git / commit

author	Andrew Bartlett <abartlet@samba.org>
	Tue, 1 Nov 2022 01:47:12 +0000 (14:47 +1300)
committer	Stefan Metzmacher <metze@samba.org>
	Tue, 13 Dec 2022 13:07:29 +0000 (13:07 +0000)
commit	538315a2aa6d03b7639b49eb1576efa8755fefec
tree	c3cfb4f64c590550dd61520f4c999be3d8a80b5d	tree
parent	177334c04230d0ad74bfc2b6825ffbebd5afb9af	commit \| diff

CVE-2022-37966 HEIMDAL: Look up the server keys to combine with clients etype list to select a session key

We need to select server, not client, to compare client etypes against.

(It is not useful to compare the client-supplied encryption types with
the client's own long-term keys.)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15237

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

selftest/knownfail_heimdal_kdc		diff \| blob \| history
third_party/heimdal/kdc/kerberos5.c		diff \| blob \| history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom